summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlan Coopersmith <alan.coopersmith@oracle.com>2023-03-25 12:44:39 -0700
committerAlan Coopersmith <alan.coopersmith@oracle.com>2023-03-25 12:44:39 -0700
commitdf1bf4fe528a5a9eef420f78efb225e4696ac467 (patch)
treea85763c85e8449af7cb9211a01c54dbf2b1a4268
parent41c43bdf85c91293af80b0b843947380b9b3378c (diff)
Set close-on-exec when opening files
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
-rw-r--r--AuGetAddr.c8
-rw-r--r--AuGetBest.c8
-rw-r--r--AuLock.c7
3 files changed, 20 insertions, 3 deletions
diff --git a/AuGetAddr.c b/AuGetAddr.c
index 6f5fe16..6de2be3 100644
--- a/AuGetAddr.c
+++ b/AuGetAddr.c
@@ -30,6 +30,12 @@ in this Software without prior written authorization from The Open Group.
#include <X11/Xauth.h>
#include <X11/Xos.h>
+#ifdef O_CLOEXEC
+#define FOPEN_CLOEXEC "e"
+#else
+#define FOPEN_CLOEXEC ""
+#endif
+
#define binaryEqual(a, b, len) (memcmp(a, b, len) == 0)
Xauth *
@@ -64,7 +70,7 @@ _Xconst char* name)
return NULL;
if (access (auth_name, R_OK) != 0) /* checks REAL id */
return NULL;
- auth_file = fopen (auth_name, "rb");
+ auth_file = fopen (auth_name, "rb" FOPEN_CLOEXEC);
if (!auth_file)
return NULL;
for (;;) {
diff --git a/AuGetBest.c b/AuGetBest.c
index 5556559..d2a38ee 100644
--- a/AuGetBest.c
+++ b/AuGetBest.c
@@ -38,6 +38,12 @@ in this Software without prior written authorization from The Open Group.
#include <X11/Xos_r.h>
#endif
+#ifdef O_CLOEXEC
+#define FOPEN_CLOEXEC "e"
+#else
+#define FOPEN_CLOEXEC ""
+#endif
+
#define binaryEqual(a, b, len) (memcmp(a, b, len) == 0)
Xauth *
@@ -76,7 +82,7 @@ XauGetBestAuthByAddr (
return NULL;
if (access (auth_name, R_OK) != 0) /* checks REAL id */
return NULL;
- auth_file = fopen (auth_name, "rb");
+ auth_file = fopen (auth_name, "rb" FOPEN_CLOEXEC);
if (!auth_file)
return NULL;
diff --git a/AuLock.c b/AuLock.c
index 5dfc174..da9fcc1 100644
--- a/AuLock.c
+++ b/AuLock.c
@@ -41,6 +41,10 @@ in this Software without prior written authorization from The Open Group.
# define link rename
#endif
+#ifndef O_CLOEXEC
+#define O_CLOEXEC 0
+#endif
+
int
XauLockAuth (
_Xconst char *file_name,
@@ -71,7 +75,8 @@ long dead)
while (retries > 0) {
if (creat_fd == -1) {
- creat_fd = open (creat_name, O_WRONLY | O_CREAT | O_EXCL, 0600);
+ creat_fd = open (creat_name, O_WRONLY | O_CREAT | O_EXCL | O_CLOEXEC,
+ 0600);
if (creat_fd == -1) {
if (errno != EACCES && errno != EEXIST)
return LOCK_ERROR;